The U.S. Air Force‘s chief information security office has introduced an updated risk management framework that covers formal policies and processes for the service branch to assess, manage and validate the cybersecurity risks of tools and systems that airmen operate.
The redesigned framework calls for the Air Force to shift adopt a functionally aligned model to certify cyber platforms, the service branch said March 8.
Pete Kim, chief information security officer of the Air Force, said the policy is one of his initiatives to help the branch protect the service branch’s cyber terrain.
The policy is stated in the Instruction 17-101 manual titled “Risk Management Framework for Air Force Information Technology.”
The branch added the framework also supports the decentralization of risk assessment and authorization to officials who have been delegated by Lt. Gen. William Bender, the Air Force’s chief information officer, to a defined cyber area of responsibility.